In August, the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) made an additional focus in its Work Plan for the oversight of nursing facility staffing levels. These changes were made in the light of backlash from a July 2018 news article which reported that nearly 1,400 nursing homes had fewer qualified staff on duty than they were required or failed altogether to provide reliable staffing information to the Centers for Medicare and Medicaid Services (“CMS”).
On July 6, the Information Commissioner’s Office (ICO) issued their first Enforcement Notice to AggregateIQ (AIQ) under the General Data Protection Regulation (GDPR) and the United Kingdom’s Data Protection Act (DPA). The GDPR is a law regulating data protection and privacy as well as the export of personal data outside of the European Union (EU). It became enforceable on May 25, 2018. The DPA supplements the GDPR and regulates the processing of personal data. The ICO is a regulatory office in the UK which enforces regulations under the DPA and GDPR. AIQ is a Canadian digital advertising, web and software development company that was charged with violations regarding the use of data analytics in political campaigning. This article will address the AIQ enforcement notice and how companies ensure compliance with the GDPR to prevent receipt of an enforcement notice.
On September 11, 2018, the Securities and Exchange Commission (SEC) announced two enforcement actions relating to failures to register by market intermediaries in connection with digital asset activities. Despite earlier suggestions that the Commodity Futures Trading Commission (CFTC) might be the primary self-regulatory organization (SRO) regulating this market, the main takeaway from these cases is that market intermediaries dealing in digital assets may also have registration and customer protection liabilities, and the failure to observe them can result in serious penalties.
In a world where our reliance on technology and the cloud is increasing exponentially, data security’s growth has stagnated. The European Union (EU) passed the General Data Protection Regulation (GDPR) in hopes of ensuring that consumer data is protected and not harbored by businesses. The effects of the GDPR, however, have passed the borders of the European Union. In a world where our actions extend internationally with just the click of a button, the GDPR’s impact circles the globe as well. The GDPR has pushed for a shift in data privacy and regulation for companies within and outside of the EU as it holds to protect European citizens, no matter where they are in the world. This international reach has not only created forces to drive U.S. companies to comply, but states within the U.S. are now creating GDPR-inspired laws to protect their own citizens. The GDPR has started a trend that will soon become the norm and finally push compliance to keep up with the exponential growth of technology.
Modern business thinking has come to accept that reputation is as important as financials. As investors look for companies that demonstrate this understanding, compliance professionals are in a unique position to make their companies more appealing.
In early January of this year, the House Committee on Armed Services granted an extension to a bill that would increase border security. An unlikely opponent of this bill is the environmental lobby, since the bill would allow the Department of Homeland Security (DHS) to waive the requirements of some of the most important environmental protection statutes. These statutes have been the basis for almost all the citizen enforcement in the environmental arena; they work to maintain protections for 73 different areas along the border, along with numerous endangered species.
Beginning January, 2018, U.S. citizens with unpaid taxes may find their U.S. passport applications denied and their existing passports revoked. The I.R.S. announced that it will begin implementation of procedures to notify the State Department of taxpayers the I.R.S. certifies as owing a “seriously delinquent tax debt.” This may come as a rude awakening to many Americans, although both the press and television news issued warnings going back more than a year ago.
For the first time since 2013, on Saturday, January 20th, 2018, the U.S. government ran out of money when Congress failed to pass a spending bill to fund the federal government. Much of the federal government’s operations have ground to a halt due to the lack of funding. Because Congress is seemingly at an impasse over immigration policy, the shutdown may last several days, if not weeks. In light of Loyola’s upcoming symposium exploring what happens when regulation is not enforced, it is interesting to consider how, in a similar vein, the shutdown affects compliance.
In the midst of countless sexual misconduct allegations against some of Hollywood’s most powerful people, on November 9, 2017, Los Angeles District Attorney, Jackie Lacey, issued a statement outlining a plan of action. A special task force of veteran sex crimes prosecutors has been assembled to ensure a “uniformed approach to the legal review and possible prosecution of any case that meets both the legal and factual standards for criminal prosecution.” The Beverly Hills and Los Angeles Police Departments are conducting investigations of the accused as a rapidly increasing volume of sexual misconduct allegations are reported. Law enforcement and the special task force prosecutors are faced with legal and factual difficulties before any sexual misconduct allegations are sufficient for criminal prosecution. The legal elements of the alleged crime, the specific facts of each allegation, the existence of physical evidence, and the remedies available to the victims, are among the many convoluted factors that will dictate the ongoing investigations and prosecution of the allegations that are flooding Hollywood.
The IRS suspended its Automatic Substitute for Return (ASFR) Program for lack of resources, Tax Analysts and others report. The ASFR program has long provided an avenue for the IRS to assess taxes on delinquent filers after requests to file returns were ignored by having its computer system automatically calculate the tax due based on Forms 1099 and other information reports that had been filed with the IRS. The IRS could then assess the taxes and attempt to collect based on these substitute returns. However, since deductions were ignored, the tax amounts tended to be inflated, sometimes incredibly so, and significant IRS time was required to respond to contested assessments and collection efforts that were sometimes highly unrealistic.